Security News, Articles and Updates

The Chief Data Officer: the new C-level upstart

Bryan Lillie discusses how the role of the chief data officer will evolve over the coming years and how he believes that it will eventually eclipse the role of the chief technology officer.

eBay asking users to switch from keyfob to SMS 2fa

The move has proven as a controversial one, after NIST ruled SMS two-factor authentication as no longer secure enough.

Fear & loathing of firewall & SIEM log savers. Don't save everything

Mark Kedgley discusses the importance of logging firewalls to meet mandatory compliance needs and keep auditors happy while avoiding wasting precious IT investment in storage and SIEM performance.

Modernising your cyber-security approach - a panel discussion

A panel of experts comprising Adam Montville, David Froud and Mark Kedgley collaborated on a variety of cyber-security issues at a roundtable discussion.

Researchers find 132 apps on Play Store infected with iFrame malware

According to the researchers, the apps were infected with "tiny hidden iFrames that link to malicious domains in their local HTML pages".

Free online course offers online privacy and cyber-security advice

A free cyber-security course being offered by Newcastle University's School of Computing Science is one of the latest ways to protect online privacy.

New bill to allow prisons to deploy IMSI catchers outside of prisons

Use of fake base stations is currently limited to within prison walls, and normally commissioned by the prison governor.

Google Project Zero notifies Microsoft as another bug found but not patched

Is the Google team of security researchers once again teetering on the edge of responsible and irresponsible disclosure?

Only 4% of cyber-pros are happy with their cyber-security investments

Nearly 80 percent of cyber-professionals say enterprises must understand the behaviours of people as they interact with intellectual property (IP) and other critical business data, but only 32 percent are able to do so effectively.

How eCommerce can protect themselves and customers from hacks

David Midgley discusses what ecommerce sites need to do to protect themselves from a hack or why banks should start accepting digital currency deposits.

The right way to respond to cyber-security threats is to be proactive

Gavin Russell discusses why having a defined a cyber-response process is important, and why it should be pro-active, covering all likely outcomes.

As CISOs look for more clarity in the noise, is the cloud the answer?

Despite its security issues, security vendors appear to be migrating security tools to the cloud to provide the answer to CISOs wanting a clearer approach to quicker threat detection and prevention.

Product Spotlight: Skybox Security Suite - 1st Nov 2016

Skybox Security Suite is many things besides vulnerability management and, perhaps, that is a major strength. Many of the modules interact in such a manner that the overall management of vulnerabilities - particularly analytics - is enhanced significantly.

Product Spotlight: Skybox Security Suite - 1st June 2016

We have watched these folks almost from their inception and we always have been impressed. Their mission is a rather grand one: manage the security on the enterprise's entire threat surface.

Attention to cyber-security is becoming daily routine in the C-suite

While far-reaching and diverse, the underlying causes of security risks are amenable to collective action.

Understanding the social engineer

Social engineering was the most popular attack technique last year, and James Maude believes this may continue if businesses don't get the basics of prevention and education right.

Shift Left - how to improve security in your developers' code - do it earlier

The simple premise behind last week's Shift Left conference, organised by CheckMarx, was to do security early and throughout code development, and empower developers.

Your security solutions not keeping you safe enough?

Noam Rosenfeld offers six Cs for deploying the right detection and says response technology is the next logical step.

Automotive Cyber-crime: What can we learn from the media industry?

As the automative industry prepares for increased use of connected cars, Mark Mulready considers how it might learn from the Pay-TV industry's experience preventing pirates stealing company IP from consumer-owned devices.

Symantec caught issuing illegal certificates for second time in two years

Symantec improperly issued 108 invalidated transport layer security certificates.

UK cyber-security inquiry to launch following US election hacks

The UK government will be launching a national inquiry on cyber-security to assess the extent to which Britain is protected from the growth in attacks worldwide.

It's time for a new perspective on security

As the cyber-world becomes more dangerous than ever, Charl van der Walt examines why a new wave of security professionals believes businesses can regain the upper hand.

Confronting the challenges of the 2016 cyber-security landscape

Oscar Arean explores how businesses can overcome these challenges so that they can ultimately protect their business from cyber-threats and data breaches.

AI: Revolutionising the information security industry

Günter Ollman explores how the information security industry is starved of experienced security workers and how its proving detrimental to its advancement and exposing IT systems and internet businesses to criminality and ransom.

IBM: Carmina Lees interview

IBM is starting to make waves in the cyber-security space, leveraging the fact that it has to secure its own vast global business.

Industry Innovators 2016: Competition is a good thing

It's that time of year again when we look back at who the Innovators were over the past 12 months.

Industry Innovators 2016: Access control

Access control is becoming a greater and greater challenge. Traditionally, access control consists of managing access, authentication and authorisation.

Industry Innovators 2016: Analysis and testing

This is - or can be - a very broad category. This year we looked the landscape over pretty closely and we saw a lot of the same things we've seen in previous years.

Industry Innovators 2016: Cyber-threat analysis and intelligence

Cyber-threat analysis and intelligence has become a staple of next-generation security tools. However, as a group by itself it contains some of our most noteworthy Innovators.